ITBusiness.ca

Fighting first party fraud in Canada — an expert shows how

Hello and welcome to the program. I’m Joaquim Menezes, senior online editor at IT Business and my guest today is Jas Anand, senior product and risk strategy manager at Actimize. Jas is an expert in the field of risk management, he has an in depth knowledge of how payment fraud works and how it can be avoided. Jas, welcome to the program.

Thank you it’s a pleasure to be here.

Jas in your recent writings you focus a lot on first-party fraud. Could you explain what first party fraud is and how it would be different from something like third party fraud, for instance?

With first party fraud there is no [personal] victim. The customer actually perpetrates the fraud. It’s different from third party fraud where there is such a [personal] victim. For instance, if I steal your credit card and use it, you are the victim of that crime that I’ve perpetrated. Examples of first-party fraud are lying on an application, trying to exceed the amount of funds available to you, and generally extracting more than is available to you from the lending association.

VIDEO: Interview with Jas Anand, Product Manager, Fraud, Actimize

You say in your article that losses incurred by financial institutions from first party fraud can be as much as ten times greater than those caused by third party frauds, such as ID theft.  Why is this so? Could it be that banks and financial institutions don’t have adequate protections in place to deal with first party fraud?

I think that’s partly to blame – but first-party fraud is really part of a large bucket of collections debt. It’s currently written off in that manner, but third party fraud is actually recognized as fraud. The recognized fraud types are aggressively dealt with using technology and solutions. So the losses are significantly lower — in the order of about 10 basis points for third-party losses, and about 100 basis points for collections losses.

A portion of those collections losses is first party fraud – where there is evidence of intent, as I have described earlier. And yes, those are large losses. The reason is, with the recent economic downturn, the collections losses in general are increasing.

And as they increase so will the first party fraud within collections debt. So there will be an overall increase in first party losses.

Read related articles

Top five ways Canadians can protect against credit card fraud

Trio of brothers sentenced to jail for fraud

Small firms must comply with security standards or be held liable for breaches

Get that chip off your shoulder and put it on your credit card

You cite automating of processes leading up to the lending decision, specifically the use of lending scores as one of the drivers for this increase in first-party fraud. Could you elaborate on this point?

Yes. We’ve moved from a process which ensured there was a personal relationship and knowledge of a person’s identify prior to a lending decision to really an automated process based on scores. We’ve seen evidence of manipulation of that behaviour score through practices like churning – making lots of deposits and withdrawals from the account.

They’re often round dollar amounts, and it’s obvious the perpetrator hasn’t tried to hide or mask their identity. There’s obvious transaction activity that’s in there to increase or elevate the behaviour scores.

We’ve even heard of perpetrators walking into branches and asking – “do I qualify for the overdraft limit yet.” And if not they come back a month later after transaction some more. And because the information is so automated – it’s based just on that one score, there’s going to be manipulation of that score.

How serious an issue is this in Canada? You talk about a British Bankers Association estimate of 10 – 15 per cent of bad debt losses incurred by the banking sector — and I’m assuming this is in Britain – as being from first party fraud. Would you say the same kind of situation prevails in Canada?

I’d say it would be close. The U.K. environment is exposed to a larger extent, because they have more “transient” people in the country – students, short-term workers and a lot of “bust out” behaviour (such as extracting funds from financial institutions before they go back) from those types of people. We don’t have as much of that activity in Canada, but I still think it will be around 10 per cent.

The problem in Canada is that it’s not as much recognized. It’s not reported individually. It’s not categorized. So we don’t really know what portion of the debt is associated with first party fraud losses versus what are genuine bankruptcies and delinquencies by customers.

So do you see this then as an issue that needs to be resolved in Canada … through better reporting. And could you, in that context, talk about some of the other strategies to combat first party fraud?

A first step would be to understand the problem. So a clear definition of what first party fraud is important. And once we have multiple institutions that have a recognized definition they can adhere to – the institutions can formulate a solution to solve the problem. Right now because it’s not understood … the magnitude of it and occurrences, it’s very difficult to decide what the appropriate solution should be.

Could you talk about the strategies adopted by first party fraudsters? What are some of the common ploys they would use to create and exploit false identities?

Synthetic IDs are a part of first-party fraud. And synthetic could mean that they’ve used their own credentials and altered them a bit in the hope that they could create a new entity. That new entity sometimes shares a few details with the actual perpetrator, but sometimes it’s completely fictitious.

First party fraud does involve that. But it also involves people just walking into an organization, transacting at the organization and churning … obvious behaviour with lots of transactions, qualifying for more products and limits – such as a line of credit or overdraft and then busting out – extracting those funds immediately and not paying the organization back. That bust out is usually done across multiple financial institutions, but each institution gets to see that activity once.

Once they’ve removed those funds, we’ve also seen evidence of them extracting more than the limits available to them. So, for instance, if they have $1,000 overdraft limit, they can pay in fake deposits, take advantage of the clearing cycle and extract more money than is available to them once that deposit does not clear. So they can have a deposit with $1,000 overdraft being written off for well over $1,000 dollars – almost $1,500 – $1,700 in some instances. So that additional loss, I think, is evidence of intent.

So as I see it then there are phases to this fraud. The first is the creation of a fake identity and this is done through a variety of strategies. And then what you referred to as “busting out” – and this could be done with multiple financial institutions and simultaneously so this is not identified and tracked. Is that right?

So if you look at it from the eyes of a perpetrator, you need to get somebody – one institution — to accept the identity you’ve created. You get a credit card in this way – and that card then serves as an ID to get multiple other lines of credit. So if you go to get a store card, they usually just need to see your credit card. That first card you get acts as a mechanism that allows you to extend credit across lots of locations.

You note that when it comes to first party fraud behaviour profiling doesn’t work so well. Why is this so?

A transactional behaviour model can significantly help reduce the size of the problem by focusing on the behaviour of these customers when they first open their account. Their manipulation of the account to inflate the number of transactions is a leading indicator. I think identifying that as significantly different from the regular population …

But you’ve also said in your writings that using past behaviour as yardstick doesn’t work – because with first party fraud there is no past behaviour you can rely on to create a metric.

We would use behaviour of a population of customers that are known to be “normal.” These are customers that have been on the books for a long period of time and have shown their worth. That’s your norm. You’re not comparing it to past behaviour because it doesn’t exist here. But you’re comparing it against the behaviour of other people who are known to be genuine – and asking: is this statistically different.

What we found is it is different. You can recognize these early transaction patterns, and pool out accounts and extend less credit to those accounts. They still bust out. But at least you’ve identified them and reduced your overall losses.

What are some of the strategies we could use to combat first party fraud?

Actimize, the company I represent provides an application that interacts directly with the transactions and allows you to decide in real time which transactions should and shouldn’t be paid out. For example, when someone pays in a cheque for $5,000, normally this process is associated with the clearing cycle.

But now we can make a fraud decision on that, and only extend credit from that payment if we don’t see this bust out behaviour. So if we see rapid withdrawal behaviour we can shut down all channels – online banking, telephone banking and the card channel as well.  

So, in essence, every contact that that identify has through the normal channels can be shut down at the same time. That’s really what’s required … quick, fast reaction.

Exit mobile version